Samba-3.0alpha23 available on samba.org mirrors

Gerald (Jerry) Carter jerry at samba.org
Mon Mar 31 14:53:37 GMT 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

We've just posted another snapshot of the SAMBA_3_0 cvs tree
for download.  This is a non-production release provided for
testing only.  Note that this release **does** contain the 
security fixes included in the Samba 2.2.8 release.

The source code can be downloaded from :

    http://download.samba.org/samba/ftp/alpha/

The uncompressed tarball and patch file have been signed
using GnuPG.  The Samba public key is available at

    http://download.samba.org/samba/ftp/samba-pubkey.asc

Binary packages for RedHat have been released and can be
found at

    http://download.samba.org/samba/ftp/Binary_Packages/

Others will be available as they are submitted by volunteers.

A simplified version of the CVS log of updates since 3.0alpha22
can be found in the the download directory under the name
ChangeLog-3.0alpha22-alpha23.  The release notes follow.

As always, all bugs are our responsibility.

                                  --Enjoy
                                  The Samba Team

- ----------------------------------------------------------------

                  WHATS NEW IN Samba 3.0 alpha23
                          30th March 2003
                  ==============================

This is a pre-release of Samba 3.0. This is NOT a stable release. 
Use at your own risk.

The purpose of this alpha release is to get wider testing of the 
major new pieces of code in the current Samba 3.0 development tree. 
We have officially ceased development on the 2.2.x release of Samba 
and are concentrating on Samba 3.0. To reduce the time before the 
final Samba 3.0 release we need as many people as possible to start
testing these alpha releases, and hopefully giving us some high 
quality feedback on what needs fixing.

Note that Samba 3.0 is not feature complete yet. There is a more 
coding we have planned, but unless we get what we have done already 
more widely tested we will have a hard time doing a stable release 
in a reasonable time frame.

Major new features:
- -------------------

- - Active Directory support. This release is able to join a ADS realm
  as a member server and authenticate users using LDAP/kerberos.

- - Unicode support. Samba will now negotiate UNICODE on the wire and
  internally there is now a much better infrastructure for multi-byte
  and UNICODE character sets.

- - New authentication system. The internal authentication system has
  been almost completely rewritten. Most of the changes are internal,
  but the new auth system is also very configurable.

- - new filename mangling system. The filename mangling system has been
  completely rewritten. An internal database now stores mangling maps
  persistently. This needs lots of testing.

- - new "net" command. A new "net" command has been added. It is
  somewhat similar to the "net" command in windows. Eventually we plan
  to replace a bunch of other utilities (such as smbpasswd) with
  subcommands in "net", at the moment only a few things are
  implemented.

- - Samba now negotiates NT-style status32 codes on the wire. This
  improves error handling a lot.

- - better w2k printing support including publishing printer
  attributes in active directory

- - new loadable RPC modules

- - new dual-daemon winbindd support for better performance

- - support for migrating from a Windows NT 4.0 domain

- - support for establishing trust relationships with Windows NT 
  4.0 domain controllers

Plus lots of other changes!


Reporting bugs & Development Discussion
- ---------------------------------------

Please discuss this release on the samba-technical mailing list or by
joining the #samba-technical IRC channel on irc.freenode.net.

If you do report problems then please try to send high quality
feedback. If you don't provide vital information to help us track down
the problem then you will probably be ignored.


Changes in alpha23:
- -------------------

  LDAP Group Mapping
  ------------------

  pdbedit -i -e sets all SAM_ACCOUNT elements to CHANGED to
  satisfy the new pdb_ldap.c handling.   pdbedit -g transfers group
  mappings. I made this separate from the user database, as current
  installations have to live with a split backend.  So, if you are
  running 3_0 alphas with LDAP as a backend and upgrade to 3.0alpha23,
  you must call

    root# pdbedit -i tdbsam -e ldapsam -g

  to transfer your group mapping database to LDAP.

  All groups must be represented as posixGroup objects in
  the directory and you must adapt your LDAP schema to support the
  sambaGroupMapping before running this command.  Refer to
  examples/LDAP/samba.schema for details on the objectclass.


  Parameters
  ----------

  Modified Parameters (see smb.conf(5) for details):

  * passdb backend

  Added Parameters

  * ldap del only sam attr
  * ldap delete dn


  ChangeLog
  ---------

  See cvs log for SAMBA_3_0 for complete details.  There are many
  smaller numerous changes that would clutter the release notes.

0)  Include security fix from Samba 2.2.8
1)  Fix interop bug in tconX on port 445 with Windows 2000
2)  Interpret missing SMB_ACL_USER_OBJ, SMB_ACL_GROUP_OBJ, or
    SMB_ACL_OTHER as "preserve current value" instead of attempting
    to build one ourself.
3)  Rearrange set_nt_acl() such that chown is only done before
    setting ACLs if there is either no change of owning user, or
    change of owning user is towards the current user. Otherwise
    chown is done after setting ACLs.
4)  Continuing work on NTLMSSP-based SMB signing
5)  When opening an existing TDB, don't require the hash_size
    specified to the open call to be the same as that of the
    existing tdb.  The specified hash_size is only used if the
    tdb needs to be (re)created.
6)  Add support for "WinXP" and "Win2K3" client architectures.
7)  Fixed the unmarshalling of the queryaliasmem SAMR call
8)  Windows 2000 can take much longer than the specified time to
    respond to a lock - so to make the torture tests valid I give
    it a grace time of 10 seconds instead of 2
9)  Continued work on string handling paranoia
10) Merge new statcache.c from HEAD
11) Add new 'net ads dn' option
12) Sync up SessionSetup code to HEAD, including Luke Howard's
    session key and auth verifier patches
13) Work on cleaning up winbindd's mutex locking
14) Add support for LDAP based Windows group mapping
15) Improve LDAP update routines
16) Fix memory leaks found by Valgrind
17) Add a 'privileged' mode to Winbindd
18) Work around platforms that have broken getgrnam() implementations
19) Merge real time signal fixes for kernel oplock code from HEAD
20) Fix CIDR hosts allow/deny notation
21) Fixup tcon&X server responses and error codes
22) Set domain for users in passdb created by "net rpc vampire"
23) More scalable printing updates



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/

iD8DBQE+iFZ0IR7qMdg1EfYRAvmAAJ9p85WrRDbJz4etbUW3odRy729iEwCePiRE
LdGaV/PfvrJDEmMCqw8oD0c=
=etmn
-----END PGP SIGNATURE-----



More information about the samba-technical mailing list